T-Rex has designed, built, integrated, and operated some of the world’s largest mission critical systems for our government clients who need to leverage the power of data & the cloud while also holding to aggressive schedules. To support this, we developed the T-Rex SMART® Framework that offers an Agile and iterative methodology to take advantage of new platforms while meeting critical missions. This approach allows for micro or macro modernization in a structured fashion allowing for agencies to take advantage of available modernization funds. There are 5 steps to our framework:
S – Strategize and Stabilize
We leverage and enhance existing enterprise architecture (EA) roadmaps and perform application rationalization to establish a “landing zone” strategy for target applications. We take a structured approach to determine the most appropriate operating models (e.g., Cloud, on-premise virtualization, or bare metal) that should be considered for the greatest business benefit. The application rationalization task takes into account several factors in recommending a modernization path, including:
- Licensing and cost optimization;
- Cost, health, and longevity of the current hosting environment;
- Overall value of the application to the mission and consideration of redundancies; and
- Impact of current risk, schedule, and staffing baselines on modernization paths and movement to target stable platforms.
We then stabilize our project baselines. This includes the technical baselines such as requirements and functionality baselines, and the Implementation and Integration Plan (IIP). The IIP establishes the schedule and sequencing of modernization efforts that facilitates enterprise coordination.
M – Management and Framework
Once landing zones are determined, we establish or integrate with a management framework to provide a reporting mechanism and identify enabling tools. The framework defines core services (e.g., Network Segmentation, Configuration Management Database (CMDB), Continuous Diagnostics and Mitigation (CDM), Information Technology Service Management (ITSM), DevSecOps, and monitoring) to re-use or establish early to avoid rework and the associated added costs of doing this late. In addition, this is an important time to manage the start of FISMA compliance activities as well as provide cross-training for existing O&M staff.
A – Automate
Within the management framework and enabling tools, automation should be maximized to assure repeatability, consistency, and easy access to critical information. The core of our automation capability comes from our DevSecOps solutions, promoting automation of deployments, testing, scanning, and more. We start with discovery of existing processes and standards and then work with stakeholders to develop a roadmap to DevSecOps adoption and process and technology modernization.
R – Modernization (the 7 R’s)
Analysis of target applications determines which of the seven modernization options should be taken. The 7 R’s include: Relocate, Repurchase, Refactor or Rearchitect, Replatform, Rehost, Retire, and Retain. This is not just a one-time assessment. Our process is built to be revisited on a regular basis to determine if either technology or business factors have changed which approach is required for the applications.
T – Transition to Operations
After the application is moved, we execute our operational cut-over and monitor performance with existing O&M staff until all stakeholders sign off on a successful transition. Prerequisites to this cut-over include the completion of the ATO process to assure that Authorizing Officials and System Owners have accepted the documented security risks, implementation of controls, and any residual risk if applicable. In addition, T-Rex staff responsible for application modernization and migration engage with current system team members and operational support staff to capture and implement updates to existing O&M processes.
To learn more about T-Rex’s methodologies, check out the following: