Enterprise Architecture Frameworks as Support for Implementation of Regulations: Approach and Experiences from GDPR

Complex Syst. Informatics Model. Q. Pub Date : 2020-10-30 DOI:10.7250/csimq.2020-24.03

Johannes Wichmann, K. Sandkuhl, N. Shilov, A. Smirnov, F. Timm, M. Wißotzki

{"title":"Enterprise Architecture Frameworks as Support for Implementation of Regulations: Approach and Experiences from GDPR","authors":"Johannes Wichmann, K. Sandkuhl, N. Shilov, A. Smirnov, F. Timm, M. Wißotzki","doi":"10.7250/csimq.2020-24.03","DOIUrl":null,"url":null,"abstract":"Enterprise Architecture (EA) management has been discussed as being supportive for implementation of regulations in enterprises and organizations, but the role of EA frameworks in this context has not been addressed intensely. The EU General Data Protection Regulation (GDPR) is one of the most frequently discussed regulation in industry and research, and expected to cause a shift in viewpoint of enterprises from a technological perspective dominated by information security issues to an organizational perspective governed by GDPR-compliant organizational structures and processes. A well-documented Enterprise Architecture (EA) and a working Enterprise Architecture Management (EAM) organization are expected to significantly ease the roadmap planning for GDPR implementation. Therefore, this article focuses on the practice of EA use for GDPR implementation. The main contributions of this article are (a) an analysis and comparison of existing architecture frameworks and how they address security-related issues, and (b) a case study from financial industries illustrating the use of EA for implementing GDPR compliance.","PeriodicalId":416219,"journal":{"name":"Complex Syst. Informatics Model. Q.","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Complex Syst. Informatics Model. Q.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.7250/csimq.2020-24.03","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Enterprise Architecture (EA) management has been discussed as being supportive for implementation of regulations in enterprises and organizations, but the role of EA frameworks in this context has not been addressed intensely. The EU General Data Protection Regulation (GDPR) is one of the most frequently discussed regulation in industry and research, and expected to cause a shift in viewpoint of enterprises from a technological perspective dominated by information security issues to an organizational perspective governed by GDPR-compliant organizational structures and processes. A well-documented Enterprise Architecture (EA) and a working Enterprise Architecture Management (EAM) organization are expected to significantly ease the roadmap planning for GDPR implementation. Therefore, this article focuses on the practice of EA use for GDPR implementation. The main contributions of this article are (a) an analysis and comparison of existing architecture frameworks and how they address security-related issues, and (b) a case study from financial industries illustrating the use of EA for implementing GDPR compliance.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

企业架构框架作为法规实施的支持:GDPR的方法和经验

企业架构(EA)管理已经被讨论为支持企业和组织中法规的实现，但是在这种情况下，EA框架的角色还没有得到充分的讨论。欧盟通用数据保护条例(GDPR)是工业界和研究界最常讨论的法规之一，预计将导致企业的观点从以信息安全问题为主的技术角度转变为由符合GDPR的组织结构和流程控制的组织角度。一个文档完备的企业架构(EA)和一个有效的企业架构管理(EAM)组织有望大大简化GDPR实施的路线图规划。因此，本文关注的是将EA用于GDPR实现的实践。本文的主要贡献是(a)对现有架构框架的分析和比较，以及它们如何解决与安全相关的问题，以及(b)金融行业的案例研究，说明使用EA实现GDPR合规性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Complex Syst. Informatics Model. Q.

自引率

0.00%

发文量