The General Data Protection Regulation (GDPR) forces data protection management experts in companies worldwide to provide in-depth documentation and ensure GDPR-compliant data processing. Enterprise architecture management (EAM) provides a theoretical and methodical framework to address the multitude of concerns that arise from regulatory requirements. In this work, we report results from 24 qualitative interviews with 29 enterprise architects on how EAM supported the work of data protection management experts. We derive a conceptual framework with four different levels of EA support for Data Protection Management, and discuss EAM prerequisites for each level
To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.