Discussing Hierarchic Viewpoints Theoretical Considerations and a Practical Example

Abstract: Enterprise Governance, Risk and Compliance (GRC) systems are key to managing risks threatening modern enterprises from many different angles. Key constituent to GRC systems is the definition of Controls that are implemented on the different layers of an Enterprise Architecture (EA). Controls become part of a "Concern" of the EA, which allows to use an EA viewpoint to cover Control compliance assessments. In this article we explore this relationship further, derive a metamodel linking Control and EA, and elicit… Show more