Professional Competencies:

Software/System Engr Specialist

• TQM, Toyota Way, lean, Kaizen
• SOX, J - SOX, HIPAA, PCI
• SEO/SEM, brand marketing
• SCM, EA, EAI, SOA, ERP, CRM
• Unique Project Mgt
• CMM/CMMI, Six Sigma
• Cyber-Security, Physical Security Risk Mgt, IT Auditing
• Privacy, Governance, Compliance
• Global Marketing/Sales Mgt
• Global Business/IT Solution
• Creative HR Global Mgt
• Extensive Asia Business Ops.
• Software Quality Metrics
• Integrated Data/System Mgt
• Requirements Analysis
• Software Localization
• Global Teaching/Training
• Global Strategic/Tactical Plan
• DR, Business Resiliency Plan

UNIQUE PROFESSIONAL EXPERIENCE:

Confidenital

Enterprise Architecture with Quality Measurement:

• As I introduced Top-down Systems Enterprise Architecture Approach to large organizations, I trained executives and managers, and helped implement the E.A. concept in three or four business operation projects by guiding, advising, mentoring, leading and managing their IT executives and professionals to become a champion trainer to others in the organization for 30 years.
• Top-down Systems Enterprise Architecture Approach which is the combination of two US Department of Defense standard technologies Structured Analysis and Design Technique SADT and the Systems and Software Quality Metrics Measurement Method from the Requirements Analysis plus lean, Kaizen, etc. Toyota Way, compliance, governance, security risks, other risks, etc. as a part of business requirements and/or conditions. This method is the disciplined, logical, systematic, top-down, break-down of the functions, processes, information, people and technology to achieve the enterprise vision and goals that top and senior executives set within the specified scope boundaries under the given conditions. The break-down of what the enterprise objectives are, in terms of functions, processes, information, people and technology in the balanced way from the top executive s down to the lower level from the global business perspective, is the most important task for CIO, CISO and other IT executives globally. It requires to define WHAT the business current architecture is and WHAT the business future architecture should be from the business top executive's business vision and goals within his scope boundaries under the given conditions. Without the accurate and clear business objectives for the enterprise, how can you perform something properly and productively In other words, I define the scope, goals and their requirements of the future state of the employer's business with top and/or senior executive s in terms of functions, processes, information data, people and technology in a diagram format to achieve the employer's business goals and then discuss the next level diagrams with his their immediate subordinates to break the goals and requirements down into more concrete details to achieve the same vision and goals in terms of functions, processes, data, people and technology within the same scope under the same conditions. Then, I discuss with their subordinates to break them down further more in concrete details, and further down to the lowest level to describe the business as-is and to-be architectures which defines functions, processes, information, people and technology to achieve the business vision and goals within the specified scope boundaries under the given conditions from the business perspective. Upon completion of the business as-is and to-be architectures, I translate them into the information systems as-is and to-be architectures with various stakeholders to achieve the same vision and goals within the same scope under the same conditions from the system's perspective. Then, I translate them into the technology as-is and to-be architectures to achieve the same business goals within the same scope under the same condition with the internal and external technologists from the technical perspective. Then, I define the enterprise security as-is and to-be architectures from the security perspective to achieve the best possible protection of the enterprise assets with various business executives and security experts. These four as-is and to-be architectures should be the main enterprise architecture frameworks, all of which must be compliant to the enterprise policies, standards and guidelines. Upon completing these enterprise as-is and to-be architectures, I analyze the gaps between as-is and to-be architectures, list those items of concerns including compliance, governance, security risks, other risks, and the potential improvement opportunities, then, assign the priority to each items of concerns, evaluate all technology alternative solutions and choose the most suitable one, develop the strategic plans and the tactical plans based on available resources, time-constraints, laws and regulations, and other conditions to implement the tactical plans. In other words, the key is to define WHAT the enterprise business objectives are and then design and implement HOW to achieve the enterprise objectives. Therefore, I apply this method for various application domains such as supply chain/supply relationship management, customer relationship management, finance, manufacturing, sales, HR, etc. and their requirements for appropriate infrastructures as well as business and IT strategic planning and some of the enterprise critical business issues that top or senior executives faced with. This method has an advantage over PMI/PMP certificate holders and those who know TOGAF, Zachman Framework, DoDAF or other Enterprise Architecture method. My advantages are: a I define scope, goals, quality metrics of the business issues or the IT related complex problems, and how to measure them from the initial phase of the project in the most flexible, effective, productive way to achieve the business goals and/or to solve the complex issues while reducing the total cost, other resources, and risks. b I define WHY model, WHAT as-is and to-be models first to clarify the core issues and objectives of the project, before discussing, evaluating and designing HOW models in order to select the best choice of solving the issues and achieving the project goals. c The top down systems approach assures that the business requirements are totally and accurately considered before selecting the best technologies used in the project. d The top down systems approach can trace all business requirements from the top level image to the bottom level completely and vice verse, the business requirements traceability from the bottom level to the top level are easily managed without changing scope, goals and quality metrics under the given conditions. This will reduce the change requests later on. e I can identify all potential risks including business functions, business processes, security, people, technology and data early enough that the project risks can be controlled under the given conditions. f I have practiced this method as the best way to manage almost all projects for 30 years. g The biggest advantage is to define quality metrics and measure them fairly and objectively from the initial phase on to monitor project progress and to insure the quality artifacts at the completion of project. I also use different IT technique because of good knowledge in pros and cons of AGILE/SCRUM, RUP and other IT methodologies. This top-down systems approach complements and includes most of the TOGAF, DODAF, FEA, other EA approaches with PDCA cycle.

ACCOMPLISHMENTS:

Confidenital

• Organization Compliance, Governance and Risk: Managed to integrate two entirely different manufacturing systems used in the US and Japan into one common system which is compliant to SOX, J-SOX, etc. Advised personal liability issues of SOX to top executives of large organizations and helped comply with various regulations SOX, HIPAA, FISMA, etc. and helped resolve risks involved in many IT system procedures and business processes. Discussions of HIPAA impact over the interstate hospital operations and risk management for privacy issues involved with HIPAA law specialists. Top-down Systems Approach helps top or senior executives' critical management information disseminated to the lowest level accurately and completely with the business architecture for governance The method helps management identifies, analyzes, decides and responds to various risks technology, financial, security, compliance, etc. for risks management The method helps identify the compliance to laws, regulations, contracts, strategies, enterprise policies, standards and guidelines, as well as potential costs of non-compliance, etc. because of accurate and clear definition of the business operations to achieve the business goals.
• International Business Development: Managed new channels of distribution for US high tech products, services of US firms DEC, AT T, Logitech, Vertel, Viasoft, etc. and Israel firms into Japan, Korea and other Asia Pacific region as a consultant advisor, a Country Manager, a Regional manager since 1981. Established and managed local distributors, representatives and/or a branch operation after localization of products, marketing and sales training, various programs and materials to support and services customers including OEM deals and management of local distributors in Asia Pacific market. Helped several large to small firms from Asia penetrate US and European markets with their products and services as an advisor or a consultant because of good knowledge and business experience in the US, Asia and Europe. Turned around software products and service business in Asia Pacific region for Viasoft Inc. Phoenix, AZ by diligent, persistent and helpful actions with appropriate strategic/tactical plans to many large potential customers in Japan and other Asian countries. The key has been to develop trust and mutual beneficial arrangement with top executives of large organizations from customer's perspective, and the influential people are willing to help me accomplish my objectives. In the medical device manufacturers in the US start-up cases, I introduced it to potential distributors for US vendors as well as OEM deals for Vertel's software to high-tech telecom device manufacturers because of my influential business contacts in Japan/Korea.

Confidenital

• Sold Network management middleware software to NEC, Hitachi and Toshiba as an OEM deal for Vertel Sold telecom software maintenance tools of Viasoft to NTT Data, NTT Software, KDDI now, Softbank, NEC, Fujitsu, Hitachi, Toshiba, etc. Advised system development technologies to NTT group companies NTT DoCoMo, NEL, NTT Comm., etc., NEC, Hitachi, Panasonic, Toshiba, Mitsubishi Electric, Oki, Fujitsu and major systems integrators in Japan. Advised how to develop embedded software for wireless devices to high-tech manufacturers in Japan. I was a Shadow Project Director for telecom application software development which had over 5,000 IT professionals for 3 years and another one which had 2,500 IT professionals for couple years for NTT.

Confidenital

• Logistics: I worked on Mitsui Shipping, couple transport carriers, distributors, and logistics systems for large manufacturing firms. In addition, I helped improve logistics, warehouse control management and delivery system vendor which installed JIT delivery system for the largest convenient store chain Seven Eleven in Japan. In addition, I advised another logistics and warehouse control management vendor whose product was used by several large manufacturers, to improve their transportation and products warehouse control management operations, in Japan.
• Automobile: Knowledge/Experience of Pros and Cons of US and Japanese TQM business practices to perform, JIT, Kanban, lean, Kaizen, the best practices with PDCA cycles for the best transformation activities in an automobile industry. Keep track of latest cyber-security situation Protect from Advanced Persistent Threat globally by advising automobile firms what/how to protect themselves Advised to adopt the best possible Japanese and Korean identity access management security products including software protection tools of SSL cracking malware, blood vein, retina, facial shape and feature, and other biometrics systems, single-sign-on, etc., for automobile use. I advised and recommended to adopt certain project management, software engineering methods, software products and services to the Toyota group, Nissan, Mitsubishi Motor, Hyundai Motor, etc. I also advised GM, Ford, Chrysler to adopt the Toyota Way with the top-down systems approach. Since I worked on integration of various cyber-security and RFID application area, I am involved in telematics applications research and advise potential business opportunities in telematics area.
• 2 IT Implementation Projects: Advised, guided, and implemented CRM, SCM, EAI, CM, HR, MRP, ERP, SFA, BI, etc. application project as well as troubled SAP, Oracle, Peoplesoft, Siebel, etc. package implementation projects as the enterprise-wide integrated solution by appropriate data dictionary like ICD-10 in healthcare and corporate wide data dictionary definition, standard procedures, measurement of goals from the start of project, project policies, etc. Another key was to accurately define as-is and to-be model gap, align what the package offers to what the stakeholders want properly to come up with the proper requirements and measure their goals to be achieved from the initial phase which is typically transformation of organization and innovative business processes are defined in the most productive ways in order to contain within budget, schedule and resources instead of accepting various customizations randomly. Enthusiastic supporter of BIRT Business Intelligence and Report Tools and Drupal Open Source activities.
• Japanese natural disasters, US Katrina and other recent disasters forced senior executives of many large organizations to reconsider the backup, business resiliency continuity plans as well as responses to the cyber-attacks. The dilemma they have is to balance cost-benefit analysis and preparedness same as cyber-security area. They tended to consider the preparedness as the wasteful expenses instead of asset investment. They also consider to security protection is a waste of valuable funds as their stockholders and customers do not know how well the firm is prepared until its vulnerability is discovered by public, and I have been persuading to invest much more funds for proper preparation in backup, business resiliency projects which should involve Confidential the national border whenever I gave speeches or advised the top/senior executives.
• 1 Physical and Cyber-SecurityAdvised and implemented secure software to Japanese high-tech firms and many large firms Advised and helped implement various cyber-security tools for large to medium size companies in Japan including APT, IDS/IPS, log diagnosis, authentication/authorization, vulnerability/penetration testing, and forensics, real-time behavior monitor, etc. hardware, software and services Keep track of latest cyber-security situation Protect from Advanced Persistent Threat globally by advising large organizations what/how to protect themselves marketed and sold Japanese and Korean security products including software protection tools of SSL cracking malware, blood vein, retina, facial shape and feature, and other biometrics systems, single-sign-on, identity management, etc. since 1990. Promoted US and Israel behavioral, real-time intelligent monitoring systems, protection systems of Bring Your Own Devices, private and public cloud security methods, etc., to Japan Adoption of the next generation of fraudulent transactions investigation using the next generation of business intelligence tool for banks, Big Data high volume transaction businesses. As I was the project managers of several Identity and Access Methods projects, and I became a consultant advisor to two deans of Carnegie Mellon University who are in charge of education and research of information security field, I advised top or senior executives of many large organizations in Japan to prepare for the cyber-attacks by cyber-criminals using ISMS, IPv6 and other ISO/NIST standards. The key was to earn TRUST from top executives to adopt ISO 2 9 series and/or NIST information security standards in their organization proactively, and obtain ISMS certificate with IPv6 protocol as a minimum. I advised/worked on how to install retina, facial, blood vein pattern, voice, etc. recognition embedded software as well as physical and logical security products and services. The key to successful cyber-security is to gather Big Data for intelligence and appropriate analytics in a real-time basis, and to take appropriate preventive, proactive measure. I also advised many large global firms to maximize the cyber-attacks protection, to reduce the number of security vendors and security policies to be manageable as much as possible since there is no 100 guarantee in cyber-security protection.
• In Financial area: I applied this top-down systems approach to improve subsidiary IT organizations of banks, financial, insurance, etc. by transforming the way to manage various projects using outside contractors and vendors staff. I rescued the troubled SAP, Oracle financial system implementation projects by redefining the scope, goals that corporate financial department wanted and needed to consolidated data from various division activities where various silo financial systems were used globally. The key issues were how to interface the local systems that were to balance the needs and wants of the headquarters and the local departments without major complexity. Therefore, I assisted to transform the old financial systems more customer-centric order, fulfillment, credit, warranty, customer satisfaction based system, and the enterprise-centric information with appropriate integration of financial data from the corporate lean, Kaizen perspective. For Tokyo Stock Exchange stoppage case, I advised to clearly define the accurate, timely scope, interfaces and goals each major vendor was expected to accomplish so that the better control of stock exchange transaction processing could be accomplished after identifying the major critical interfaces and boundaries of responsibility/accountability issues. In the credit card system area, I worked on Confidential, Sumitomo Bank and Sanwa Bank projects, primarily the customer relationship systems and financial account transactions area to make sure that the customers were happy. The top down systems approach is very useful tool to visualize the integrated organization business functions and processes, data, people and technology after M A, for determining the business architecture, the systems architecture and the technology architecture as well as financial perspective and offered various suggestions and advice to senior executives in M A activities.
• I introduced the Shared Medical Records System to Japan in 1982. Since then, I helped large to smaller hospitals, medical facilities to automate Confidential t records systems, hospital administration systems, integrated medical records system combining Confidential t records from various departments, outside testing lab results, outside doctor data, pharmacy data, insurance data, etc. to improve Confidential t diagnosis with HIPAA/Privacy compliance for 25 years. The key is to establish the enterprise-wide data dictionary i.e., ICD-10 and repository to capture the appropriate Confidential t records in an integrated model instead of silo systems. I was one of the pioneers of integrating various hospital systems into one enterprise system to reduce errors in administrative work, accurate Confidential t diagnosis, consolidated Confidential t health records, etc. using data repository system in addition to traditional applications interfaces with certain anticipated risk. Additionally, I worked on ERP, revenue tracking, procurement/payment, drug tracking, capacity planning, etc., administrative systems for a hospital. I also helped two medical-device startups in the US obtain Japanese license and promoted medical products marketing and sales into Japan. In addition, I improved IT operations of medical insurance, life insurance, casualty and other insurance systems for several large firms. I advised and helped implement the better pharmaceutical information processing for pharmaceutical firms, too. I encourage healthcare related industry to adopt HIPAA/OCR audit, HIPAA/HITECH framework as guidelines to their advantage.
• In SAP implementation project, I worked on integrated SD Sales Distribution, MM Material Management, FI/CO Financial/Control, HR Human Resources, PP Product Planning, PP-PI Product Planning in Process Industry, IM Inventory Management, PM Plant Maintenance, PS Project System, SM Service Management and QM Quality Management, etc. using ABAP Advanced Business Application Programming in the project as a project manager. I always suggested to start with the integrated strategy first and then to begin from the most difficult, complex portion of the package project with the best professionals as much as possible and gradually add on to it. Likewise, I rescued various package implementation projects that got into trouble by reassessing the WHY model, WHAT as-is and to-be models and HOW model with special emphasis to consider any extra functions as an outside, separate module to interface with the package seamlessly as much as possible to avoid maintenance, upgrade issues later on after careful consideration to impact to the existing business processes and the needs for retraining impacted staff. The key was always to integrate these modules as much as possible with appropriate interfaces for next generation Business Intelligence and Analytics capabilities.
• , I worked on integration of Data Warehouse/Knowledge Management or Business Intelligence, Supply Chain Management, Customer Relationship Management, Manufacturing Resource Planning, Financial/Control, Human Resources, Enterprise Resource Planning, Service, Support and Quality Management, etc. application projects as a project manager using my top-down systems approach to clearly and accurately define scope, goals and quality metrics first. Additionally, I worked on integrated HRMS, FMS CRM, SCM and Enterprise One of former PeopleSoft package and as many implementation projects got into troubles where the key is to use the package functions as much as possible and supplement with additional functions and features that the stakeholders required to complete the project successfully with thorough understanding and acceptance of the new business environment by everyone involved in.
• Adviser to President, CIOs, CEOs, COOs, CFOs, CMOs, CSOs: Using the top-down systems approach, I advised, guided the top executives to describe their vision and goals, their subordinates to develop them into more concrete goals and down to the lower level managers who in turn develop their goals that could be converted to more productive business processes, technology, data and people goals under the given conditions. I advised CIO, directors of IT to develop their goals in short and medium terms as well as to align IT service activities to expectation, wants and goals of various business units, that are based on the mutually agreed quality metrics measurement for large organizations in the US and Japan. I advised what and how of business architecture, information architecture and technology architecture and how they could take advantage of this enterprise architecture concept to consider their issues logically and systematically, especially in the area of data breach/leakage and other cyber-security issues in the past 15 years.
• Quality Measurement: I participated in the development of software quality measurement in the requirements phase for the first time in the world in 1982 for Lockheed project successfully and became a Department of Defense standard in 1983 or so. Since I was one of the top experts in the requirements analysis methodology in 1979, I was the top leader in the definition and quality measurement of business requirements and applied it as a part of project management technique since 1982 on. Therefore, I have been one of the leading specialist in the quality definition, measurement and remediation to reduce costs, other resources and risks in almost any type of project as I have specialized in defining WHY and WHAT models prior to defining HOW models which requires to consider various available technologies as enablers/constraints in each area and I could manage project by measuring quality metrics for successful achievement of project goals in almost any kind of a project.
• Organization Transformation: For high-tech firm or start-up cases, as the firm grew, various departmental responsibilities expanded and the interfaces among them became an issue. I used the top down systems approach to define scope and goals of individual department and found the gaps in interfaces and responsibilities from thorough analysis of entire enterprise operations. I assessed and defined WHAT as-is and to-be models of the enterprise functions, identified the gaps or discrepancy between WHAT as-is and to-be business architectures, designed and implemented the improvement area such as smooth interfaces to come up with the optimum functions, goals, responsibilities and accountability accurately and precisely for each department to transform as-is groups to to-be groups with the improved operations with scalability, flexibility for future growth. This method was applied in operational improvement, internal auditing, risk management and/or compliance/governance activities. Since I was an adviser to president of Toyota Motor Car Sales, USA, Inc., I applied US technologies in their lean, Kaizen, continuous process improvement environment from mid-1980s and I applied Toyota Way to other manufacturers GM, Ford, Chrysler, etc. and to service industries. In case of M A, the optimal, common system technologies and business processes are identified for smooth transition into the new integrated organization, work-flows using the proposed technologies, interfaces among people, processes, technologies, data and various systems, and proposed optimal business procedures with adequate training and preparation using the top-down system approach with quality measurement. In case of backup in other countries, consolidation of data centers or global infrastructure upgrade, there were some minor adjustment factors that had to be considered, but the fundamental approach to managing projects was the same. I developed the national IT human resources strategic plan, the national IT security human resource development plan, etc. for Keidanren the politically most powerful business federation in Japan for recommending Japanese government to adopt them. The top down systems approach complements and includes major part of TOGAF, DODAF, FEA, and other Enterprise Architecture approach since it includes taxonomy, data, practices, business processes, integrated information business flows, technologies and quality measurement from the initial phase of the project and the most important thing is to achieve the project goals as agreed in the initial stage in the most productive way and very useful for internal audit, risk management and forensic audit.
• Focus on establishment of the medium term corporate vision and break down to annual goals for top executive of large organizations prior to defining various divisions, departmental sub-goals and objectives in short-term, and then defining specific IT related projects for manufacturing, insurance, security, and other service industries. The key is to define the global enterprise business vision and goals and IT services must align to achievement of the business by accurate and clear definition of the business requirements and conditions to focus on what to achieve prior to design of how to achieve.
• Gap analysis of as-is and to-be business models for start-up, and modernization or transformation of existing organizations including risk management, information security management, human resources retraining, new business processes, update corporate policies, start-up new operations in Japan, US, and other Asian countries. The gap analysis could easily identify the potential risk area and the potential SOX, J-SOX, privacy, PCI-DSS and other compliance, assign the priority to items of concerns and develop the strategic and the tactical plans for business.
• Advice and reduction of potential risks in SOX, J-SOX, HIPAA, CA SB1386, GLBA, PCI-DSS, etc. compliance and IT auditing by proper work flows and process improvement continuously. Transform obsolete engineers to productive engineers by training new skills for a large US defense contractor.

Professional Experience:

Confidenital

• I specialized in training and mentoring hundreds of IT professionals the Enterprise Architecture concept since 1979 by combining two Department of Defense standard technologies SADT Structured Analysis and Design Technique and Quality Metrics Measurement Method from the Initial Phase with Top-Down Systems approach where the enterprise business architecture is considered first. The top-down systems approach helps top/senior executives establish vision and goals for the enterprise from short, medium and long term perspective. The enterprise top image is described first in one regular 8.5x1 size to visualize the entire business instantly where enterprise performs certain activities based on given factors information, services, conditions, etc. to produce certain outputs under the given conditions resources, other factors . The output is the desired goals and/or vision. This image is broken down one level at a time by their subordinates into more concrete, details level, and so on, to get the more and more detailed break-down functions, processes, information, people and technology under the same given conditions to product the more concrete, detailed outputs which should be able to be measured based on quality metrics measurement criteria. This business architecture is the basic guideline for all enterprise architecture tasks. The top image could be the enterprise image, division image, department image or any other big problem s or issue s that the top/senior executives may face with, and follow the same procedure to solve them.
• For instance, I have worked on the IT integration feasibility and the best possible solution for Canadian and US IT organizations into one operation for Hyundai Motor. I worked on the integration of US operations and Japanese IT operations for both business operations and subsequent IT integration efforts for certain high-tech and manufacturing firms by this unique top-down systems approach with quality metrics measurement from the start of the project. There are two types of integration I worked on. One was strictly to integrate US and Japanese IT operations such as Hitachi Global Storage Technologies acquired the former IBM storage division several years ago and HGST wanted to integrate their two different manufacturing systems into one common system even though manufacturing philosophy, business environment, business practices, culture, language, etc. are totally different. The first trial in several years ago failed miserably and their second trial started with certain software package, Indian and Chinese offshore services, American and Japanese IT staff, under given conditions. A former IBM project manager who managed this project hit the wall with Japanese side because of the different ways of thinking, attitude, etc., and the project went around and around without any significant progress, and I was asked to rescue to go smoothly forward as a contract project manager at 110/hour plus all travel expenses. The technical integration projects I rescued and/or managed had several issues in most of the cases in which one of the most common problems is the narrow perspectives of the project directors/managers who considered only their technical aspect of the integration without adequate information, consideration to the impact to the stakeholders and their business process optimization and/or that the project manager considered quick and dirty fixes without proper consideration to the long-term impact to the enterprise systems architecture and business architecture, etc. The other kinds of integration issues were business stakeholders and other business units' support to the project. Some of the examples are the lack of support by some of the stakeholders as they were getting what they wanted in general at the expenses of spaghetti systems that caused lots of maintenance costs, efforts, etc., for both other stakeholders and IT. Second, there was no appropriate vision and/or business goals that project sponsors could state from the enterprise perspective except their own departmental wants, desire, and expectation, or a lack of consultant and/or CIO, VP of IT, etc. who supposed to have the enterprise architecture vision from the business perspective, primarily enterprise-wide business process optimization, as well as the technical perspective at the same time to determine what exactly the enterprise needed and/or required to achieve the enterprise vision and goals of intermediate and/or long term goals. Some other examples are to transform obsolete top level aerospace engineers into the IT engineers, update domestic human resource policy to reflect global scale policy, modernize the organizational structure to reflect the global competitions with re-engineered business processes optimization, strategic/tactical planning and implementation, information security, privacy, compliance, governance, etc. for an enterprise level.
• My typical top down system approach specifically is as follows: I interview and discuss the enterprise business vision and goals with top/senior executives to clarify scope, goals and quality metrics including what their business architecture looks like in 3 to 5 years or longer and their success and failure measurement criteria. Then, I talk to their immediate subordinates to break this scope, goals and quality metrics down into more concrete and details in terms of information, business processes, functions, people and technologies, without changing the scope, goals and quality metrics, and so on to the next lower level to the point that accurate and clear business architectures are described from the top to the bottom level. Then, I define these business architectures to stakeholders, project sponsors and IT people to discuss WHAT as-is business model is, WHAT as-is information functional workflows and/or data flows architecture is, and WHAT as-is technical architecture is in details to clearly and accurately understand what the existing IT environment is. Then, I define WHAT to-be business architecture should be, WHAT to-be information architecture should be, and WHAT to-be technical architecture should be as much as possible in order to discuss, evaluate and determine various gaps in all these area of concerns under the given conditions. Then, I come up with the final version of WHAT to-be business architecture should be to get the final approval from appropriate senior executives and then define immediate, intermediate and potentially long-term WHAT to-be information architecture should be, and WHAT to-be technology architecture should be that have to be approved by senior executives without changing scope, goals and quality metrics. All requirements must be traceable upward and downward to check their quality assurance including specified boundaries under the given conditions.
• Then, I evaluate, and design HOW to accomplish the to-be information architecture and the to-be technology architecture, with appropriate IT senior executives, vendors, technology consultants, etc. to figure out the best approach to achieve these goals with many outstanding issues, their priorities and the reasons why certain priorities are assigned to them. Quite often as needed, I asked various stakeholders to get involved in discussion to determine their desire, expectation of priorities in various issues of their concerns. Then, I negotiate the senior IT and business units' executives to determine budget, schedule, and other resource allocation, etc. and finalize the short-term and intermediate term Enterprise Architecture and Integration Strategic and tactical plans and implementation project's schedule, resource allocation, etc.
• This is a kind of generalization of this approach I have used for the past 30 years to convince top/senior executives to accept the enterprise architecture and integration projects in many large organizations as their concerns are so different from the IT executives like CIO, CISO, etc. Because of my many years of proven performance, reputation and credibility I earned, most of the top/senior executives did not resist the kind of proposal I made with the help of appropriate managers and executives even though some of the top/senior executives tend to still consider the IT project's cost too much for the benefits they gained from their enterprise perspective.
• Consequently, my basic question is the kind of enterprise integration project. What are the motives and reasons why they established the project efforts Based on their reasons, I need to respond to their needs and what I may be able to perform to meet or exceed their expectation as my desire is to always exceed the expectation of the senior executives and rewarded accordingly in the intermediate and the long-term benefits. The more challenge I get, the more I can shine because there is hardly anyone who has the kind of background I have as the expert of integration project from the top-down systems approach.
• Since I mastered the top down structured analysis and design technique SADT, one of the Department of Defense standards, I taught, trained hundreds of IT professionals globally the then, latest technology to define WHY model, WHAT as-is and to-be models first, before consideration of various technology alternatives into designing of HOW models and implementing them in the most cost-effective way. I also encouraged the project sponsors, all stakeholders to participate in development of the software quality metrics measurement from the initial phase on. Therefore, I was the only person who mastered both technologies in the requirement analysis phase which has been considered as the most important phase in the project cycle according to the basic principle of the systems and/or software engineering in early 1980s on. When I taught SADT, my employer charged 50,000 to 90,000/week plus all travel expenses. When I taught software quality measurement technique, we charged 30,000 to 60,000 per week plus all travel expenses. I applied these technologies at Toyota Motor which was well known as the lean, Kaizen environment, and ultimately combined all of them, and started calling this methodology the top-down systems approach. A certain US market research firm found out about my work and asked me to give lecture to senior executives of Big 3, GM, Ford and Chrysler and I worked on helping them to adopt the Toyota Way a little bit. Then, in 1990s, I added compliance, governance, risk management and security factors in this top-down systems approach as the important enterprise architecture requirements and helped the top/senior executive come up with their vision, goals as well as solving their enterprise issues. I also got involved in solving various integration projects and rescuing the troubled business or IT projects because most of the projects have a common issue of lack of proper definition in scoping, goal setting and/or quality metrics measurement area before discussing the detailed how-to issues. As most of the senior executives and/or IT professionals tend to think from their narrow what they know well perspectives and I tried to widen their perspectives by suggesting and advising the wider view and/or innovative ideas for them to think about differently in order to come up with the better solutions. This is the basic approach I have used to solve very complex and difficult problems for large organizations. Quite often, people tend to forget is the essential requirement of establishing and maintaining the enterprise-wide data dictionary which must be used by everyone who is involved in any business activity, something like ICD-10 activity in healthcare.
• My mottos are your upstream, peer and downstream people are customers and treat them with respect and honor as a kind of KING and treat them the same way as you would like to be treated, and Keep IT Simple, Stupid.
• One of the common mistakes that I encountered in the EA projects is that project manager proceeded to solve issues, whatever his circle of technologists know well, without adequate consideration to many other potentially important impacts to the existing business functions, processes, information, people and other systems in use. In fact, quite often, they forget the main function of the IT is to serve business stakeholders for their benefits rather than to make IT jobs easier, and/or to consider any new information technology as an enabler only rather than as both enabler and a potential constraint in an intermediate or a long term in some instance. I have applied this approach to solve cyber-security projects, compliance projects, troubled software package implementation and others, in the IT field.
• For instance, in the cyber-security area, I advised and guided top executives and senior executives of large organizations and governmental agencies to understand and be prepared for the enterprise to protect assets of the organizations by establishing and enforcing the corporate security and compliance policies, standards and guidelines with as much funds as possible instead of considering the security as expenses but as an investment for the enterprise. The data breach and leakage could be prevented by more employee orientations and training sessions rigorously with stricter enforcement of policy and standards to all employees, contractors, partners and vendors. At the same time, carefully limited number of security vendors and consultants should be used to protect the assets as much as possible by balancing security functions, business processes, technology, information and people with appropriate vulnerability tests and penetration tests periodically.
• In applying this method in the information security architecture area, I describe the as-is business architecture which includes the current information security practices in use and to-be business architecture which describe some of the desired security business processes that the business units would like to adopt to insure the enterprise assets. I also describe the as-is information systems architecture which includes some of the man-machine interfaces to manage information security as well as the as-is technology architecture which defines the technical products used to protect the enterprise assets from the technical perspective. Then, I design the to-be information systems architecture based on the to-be business architecture, and the as-is information systems architecture including some changes, modifications and/or transformation of man-machine interfaces to reflect the new technologies used upon definition/design of the to-be technology architecture to reflect the new to-be business architecture using the best alternative technologies available to achieve the new goals under the given conditions. For instance, when the firm is interested in obtaining the ISMS certificate, the important efforts are to find out exactly what ISMS requirements are to reflect in the to-be business architecture, the to-be information systems architecture and the to-be technology architecture, and evaluate the gaps between as-is and to-be models, and list those items of concerns and assign the priority to each item of concerns with participation of the senior business executives, stakeholders, and so on. Then, implement to-be security functions, security processes, and security information according to the priority of the enterprise.
• In the business consultation area, I used the same approach to solve the enterprise US market share issue, transformation of the organizational structure and operations, employee issues, new business development plan, strategic plans, how to penetrate Asian market and other markets, business compliance and risk management area of any industry. I also applied the Top-down Systems Enterprise Architecture Approach in very complex, global scale IT solution for large organizations of different industries.

Confidenital

• I got to know Confidenital when he was in charge of Far East Operations of Viasoft Inc. Phoenix, AZ around 1992. NTT Data was interested in pursuing the potential extension of maintaining and supporting mainframe software for our customers in Japan using Viasoft's tools. He helped us to adopt and use these tools in our customers. During this period, Mr. Ochi explained us about his background in software engineering and its application in various subjects. Since I was in charge of standardization, research and development of software technology for NTT Data, his expertise helped us decide some of our efforts in my area. For instance, he helped us understand and adopt Zachman Framework which was very popular in the Enterprise Architecture projects. Mr. Ochi was an expert in WHY, WHAT and HOW models construction and applying software quality measurement in addition, it helped us to determine to what extent of this Zachman technology is useful for our environment where our customers are from Japanese government, banking, insurance, manufacturing and many others in Japan.
• Since Confidenital was involved in cyber-security through adviser to Carnegie Mellon University, he introduced us some important activities that NTT Data could adopt to prepare the information security for us and for our customers. His idea of why model and what as-is model, what to-be model construction is an interesting approach for us, as it could be applied in almost all IT projects, and important idea of evaluating why and what before designing the how is very helpful and key approach. Japanese tend to think in terms of how to solve the difficult issues because we do not differentiate how and what requirements, and we tend to solve the small portion of the main, big problems. I understand why and what model approaches do not change much whereas how is constantly changing as business environment and technologies change constantly, and that is one of the reasons why his way of solving the big, corporate issues is very useful and logical for us.