Abstract

Enterprise Architecture (EA) management has been discussed as being supportive for implementation of regulations in enterprises and organizations, but the role of EA frameworks in this context has not been addressed intensely. The EU General Data Protection Regulation (GDPR) is one of the most frequently discussed regulation in industry and research, and expected to cause a shift in viewpoint of enterprises from a technological perspective dominated by information security issues to an organizational perspective governed by GDPR-compliant organizational structures and processes. A well-documented Enterprise Architecture (EA) and a working Enterprise Architecture Management (EAM) organization are expected to significantly ease the roadmap planning for GDPR implementation. Therefore, this article focuses on the practice of EA use for GDPR implementation. The main contributions of this article are (a) an analysis and comparison of existing architecture frameworks and how they address security-related issues, and (b) a case study from financial industries illustrating the use of EA for implementing GDPR compliance.

Highlights

  • Many industrial sectors are affected by an increasing number of regulations that are mandatory for enterprises and organizations in these sectors

  • Research presented in this article aimed to achieve two primary goals: (a) to gain an overview about existing EA frameworks (EAFs) and their approaches to handle security-related issues, and (b) to introduce a possible approach for General Data Protection Regulation (GDPR) implementation into Enterprise Architecture (EA)

  • The conclusion from the analysis is that all architecture frameworks provide approaches to tackle security-related issues, but the underlying philosophy is different and can be roughly grouped into EAFs, which favor a separate and defined security architecture (SA) and those that treat security aspects as attributes of the objects in individual architectures

Read more

Summary

Introduction

Many industrial sectors are affected by an increasing number of regulations that are mandatory for enterprises and organizations in these sectors. Implementation of such regulations in an Reference: J. “Enterprise Architecture Frameworks as Support for Implementation of Regulations: Approach and Experiences from GDPR,” Complex Systems Informatics and Modeling Quarterly, CSIMQ, no.

Objectives
Methods
Conclusion

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.