Abstract

Enterprise Architecture (EA) management has been discussed as supporting the implementation of regulations in enterprises and organizations, but the role of EA frameworks in this context has not been addressed in depth. The EU General Data Protection Regulation (GDPR) is one of the most frequently discussed regulations in industry and research, and is expected to shift the viewpoint of enterprises from a technological perspective dominated by information security issues to an organizational perspective governed by GDPR-compliant organizational structures and processes. A well-documented Enterprise Architecture (EA) and a working Enterprise Architecture Management (EAM) organization are expected to significantly ease the roadmap planning for GDPR implementation. Therefore, this article focuses on the practice of EA use for GDPR implementation. The main contributions of this article are (a) an analysis and comparison of existing architecture frameworks and how they address security-related issues, and (b) a case study from financial industries illustrating the use of EA for implementing GDPR compliance.

Highlights

  • Many industrial sectors are affected by an increasing number of regulations that are mandatory for enterprises and organizations in these sectors

  • Research presented in this article aimed to achieve two primary goals: (a) to gain an overview of existing EA frameworks (EAFs) and their approaches to handling security-related issues, and (b) to introduce a possible approach for implementing the General Data Protection Regulation (GDPR) in Enterprise Architecture (EA)

  • The conclusion from the analysis is that all architecture frameworks provide approaches to tackle security-related issues, but the underlying philosophy differs, and the frameworks can be roughly grouped into EAFs that favor a separate and defined security architecture (SA) and those that treat security aspects as attributes of the objects in individual architectures

Summary

Introduction

Many industrial sectors are affected by an increasing number of regulations that are mandatory for enterprises and organizations in these sectors. Implementation of such regulations in an Reference: J. “Enterprise Architecture Frameworks as Support for Implementation of Regulations: Approach and Experiences from GDPR,” Complex Systems Informatics and Modeling Quarterly, CSIMQ, no.
