Modeling Visualization Controls for Digital Architecture and Governance

Companies are continuously changing their strategy, processes, and information systems to benefit from the digital transformation. Controlling the Digital Architecture and Governance is the fundamental goal. Enterprise Governance, Risk and Compliance (GRC) systems are vital for managing digital risks threatening in modern enterprises from many different angles. The most significant constituent to GRC systems is the definition of Controls that is implemented on different layers of a digital Enterprise Architecture (EA). As part of the compliance aspect of GRC, the effectiveness of these Controls is assessed and reported to relevant management bodies within the enterprise. In this paper, we present a metamodel which links Controls to the affected elements of a digital EA and supplies a way of expressing associated assessment techniques and results. We complement the metamodel with an expository instantiation of a Control Compliance Cockpit in an international insurance enterprise.