Mar 4, 2020
We are happy to announce that our survey about document automation tools for the legal domain has been published.
The survey evaluates 13 document automation tools in accordance with requirements, which were identified with respect to the legal domain.
Please find the result of our survey here.
We would like to sincerely thank the 13 vendors who participated in our study and granted us access to their tools for conducting the study.
Feb 13, 2020
Three papers from the sebis chair were accepted for publication at the 22nd International Conference on Enterprise Information Systems in Prague, May 5-7 2020:
Bondel, G., Nägele, S., Koch, F., Matthes, F.: "Barriers for the Advancement of an API Economy in the German Automotive Industry and Potential Measures to Overcome these Barriers". Proceedings of the 22nd International Conference on Enterprise Information Systems (ICEIS), Prague 2020 - to appear
Bondel, G., Buchelt, S., Urlberger, H., Ulrich, N., Kabelin, C., Matthes, F.: "Towards a Change Management Framework for Cloud Transitions: Findings from a Case Study at a German Machine Manufacturer". Proceedings of the 22nd International Conference on Enterprise Information Systems (ICEIS), Prague 2020 - to appear
Jan 13, 2020
Three sebis research papers were presented at the 53rd Hawaii International Conference on Systems Sciences (HICSS) 2020:
Abstract: The European General Data Protection Regulation’s (GDPR) large imminent fines cause companies worldwide to undertake major efforts for privacy compliance. Any company doing business with European customers has to adhere to new processing principles and documentation requirements, and provide extensive access rights to data subjects.
Enterprise architecture management (EAM) provides a theoretical and methodical framework to align business and IT and has been used, among others, to identify and address concerns that arose from regulation.
In this work, we report results from 24 qualitative interviews with 29 enterprise architects on how EAM supports the work of data protection management (DPM) experts. We derive a conceptual framework with four different levels of EAM support for DPM, and discuss high-level recommendations for each level.
Abstract: Businesses today are increasingly dependent on how they transform information into economic value, while simultaneously being compliant with intensified privacy requirements, resulting from legal acts like the General Data Protection Regulation (GDPR). As a consequence, realizing information governance has become a topic more important than ever to balance the beneficial use and protection of information. This paper argues that enterprise architecture management (EAM) can be a key to GDPR implementation as one important domain of information governance by providing transparency on information integration throughout an organization. Based on 24 interviews with 29 enterprise architects, we identified a multiplicity of benefits and barriers within the interplay of EAM and GDPR implementation and derived seven design principles that should foster EAM to enhance information governance.
Abstract: The documentation of IT landscapes is a challenging task which is still performed mainly manually. Technology and software development trends like agile practices and microservice-based architectures exacerbate the endeavours to keep documentation up-to-date. Recent research efforts for automating this task have not addressed runtime data for gathering the architecture and remain unclear regarding proper algorithms and visualization support. In this paper, we want to close this research gap by presenting two algorithms that 1) discover the IT landscape based on historical data and 2) create continuously architecture snapshots based on new incoming runtime data. We especially consider scenarios in which runtime artifacts or communications paths were removed from the architecture as those cases are challenging to unveil from runtime data. We evaluate our prototype by analyzing the monitoring data from 79 days of a big automotive company. The algorithms provided promising results. The implemented prototype allows stakeholders to explore the snapshots in order to analyze the emerging behavior of the microservice-based IT landscape.
Nov 14, 2019
The record of processing activities (RPA) is a central document in demonstrating compliance with the General Data Protection Regulation (GDPR). Article 30 of the GDPR specifies the information that has to be made available to the supervisory authority upon request. Currently, data protection management experts conduct their own data collection and maintain isolated RPAs. We show how existing Enterprise Architecture models can be augmented with the necessary information to maintain and generate an RPA. We evaluate the completeness and usefulness of the approach together with data protection management experts.
Document:
Using Enterprise Architecture Models for Creating the Record of Processing Activities (Art. 30 GDPR)
Oct 30, 2019
The widespread use of agile methods shows a fundamental shift in the way organizations try to cope with unpredictable competitive environments. In large-scale agile settings, multiple development activities need to be coordinated to achieve desirable enterprise-wide effects and agility. A powerful instrument to effectively guide and steer large-scale agile endeavors is the formulation and usage of architecture principles.
Despite their raison d'être to guide large organizational transformations, extant studies on how principles can be used to support large-scale agile transformations are still lacking.
Against this backdrop, we present a multiple-case study involving five German companies that aims to shed light on the establishment of architecture principles to support large-scale agile transformations. Based on our results from sixteen semi-structured interviews, we present current practices as well as challenges faced by organizations during the application of architecture principles. In addition, we show a set of principles used to support large-scale agile transformations.