Conceptual Integration of enterprise architecture management and security risk management

Eric Grandry, Christophe Feltus, Eric Dubois

Research output: Contribution in Book/Catalog/Report/Conference proceedingChapter

214 Downloads (Pure)


Enterprise Architecture Management (EAM) is considered to provide the mechanism for, amongst others, governing enterprise transformations required by changes in the environment. In this paper, we focus on changes that result from the analysis of information security risks and of their impacts on the services delivered by an enterprise. We present how the concepts of an information system security risks management domain can be mapped into the ArchiMate enterprise architecture modeling language. We illustrate the application of the proposed approach through the handling of a lab case.

Original languageEnglish
Title of host publicationProceedings of the Fifth Workshop on Service oriented Enterprise Architecture for Enterprise Engineering (SoEA4EE’2013), an International Workshop of the 17th IEEE International EDOC Conference (IEEE EDOC 2013)
PublisherIEEE Computer society
Number of pages10
Publication statusPublished - 2013


  • Archimate
  • EAM
  • Enterprise model integration
  • Information security risk management


Dive into the research topics of 'Conceptual Integration of enterprise architecture management and security risk management'. Together they form a unique fingerprint.

Cite this