Create your GDPR registers with BiZZdesign Enterprise Studio

posted by Joost Niehof on Dec 19, 2017

Enterprises need to create and maintain registers of why, where and how they are processing personal data from EU citizens. Creating and maintaining these registers in BiZZdesign Enterprise Studio helps to ensure you create consistent and coherent registers that conform to your baseline enterprise design. In this blog I would like to show you how you can use Enterprise Studio to support this specific GDPR use case: the creation and maintenance of the registers of all personal data.




Powerful Analysis Techniques (7) – Risk, Security & Compliance Analyses

posted by Marc Lankhorst on Oct 19, 2017

In the final installment of this blog series, I want to address the domain of risk, security and compliance, an area of increasing importance for architects, process designers and others. As an example, in some previous blogs, I have already outlined the new EU General Data Protection Regulation (GDPR) and its impact. In one of my posts, I used a simple example of data classification and how you can use this to assess your application landscape.




Are You Ready for the GDPR? The Test Results

posted by Marc Lankhorst on Feb 28, 2017

In two previous blogs, I discussed the impact of the new EU General Data Protection Regulation and 8 things architects can do to help their organization comply with this far-reaching regulation. We also made available our ‘How ready are you for the GDPR?’ test, which determines whether your organization is doing enough to prepare for the important regulation.




8 Steps Enterprise Architects Can Take to Deal with GDPR

posted by Marc Lankhorst on Jan 31, 2017

In my previous blog post, I described the new EU General Data Protection Regulation (GDPR) that will go into effect in May 2018, and I outlined its profound effects on organizations, not just in Europe but around the globe. This regulation, and related EU Directives such as the ePrivacy Directive and the Network and Information System Security (NIS) Directive, force organizations to rethink how they deal with personal, privacy-sensitive data. In this blog, I want to address the steps you can take as an architect to help your organization comply with these regulations.




7 Things Every Enterprise Architect Needs to Know About the GDPR

posted by Marc Lankhorst on Dec 20, 2016

The General Data Protection Regulation (GDPR) is a stringent EU Regulation on privacy protection, which will go into effect in May 2018. Enterprise architects can play an important role in helping their organization be GDPR-compliant. Are you aware of the impact of the GDPR on your organization?




The Value of Enterprise Architecture in Managing Risk, Compliance and Security

posted by Marc Lankhorst on Sep 1, 2016

In this blog post, we discuss the value of an integrated approach to managing risk, compliance and security in the enterprise, using enterprise architecture as a backbone.




Information Security in the Boardroom

posted by Remco Blom on Jul 24, 2015

After a recent presentation on “Security is not an IT problem”, which investigated the lacking relations between policies and measures within many organizations, we decided to have a World Cafe to discuss surrounding topics further. We separated the discussion into four topics, and had a debate on each one. In my previous blog in this series, I wrote about the 7 worst practices in Information Security. In this blog, I will present the outcomes of the discussion on Information Security in the Boardroom. Feel free to share your thoughts with us in the comments section below.




Information Security: 7 Worst Practices

posted by Remco Blom on Jul 2, 2015

Sharing knowledge and good practices is one of the core values of BiZZdesign. We regularly organize and contribute to online and offline seminars, conferences and round tables. After presentations on “Security is not an IT problem”, which discussed the lacking relations between security policies and measures in many organizations, we continued the debate in the form of a World Café. My last blog post was about building awareness around Information Security. In this blog post, I want to share the seven worst practices we learned from the participants of our seminar. Please share your best and worst practices in the comments section below.




Information Security: What Really Works to Build Awareness

posted by Remco Blom on Jun 19, 2015

One of our core values at BiZZdesign is sharing knowledge and best practices. That's why we regularly organize and contribute to online and offline seminars, conferences, and round tables. After a presentation entitled "Security is not an IT problem", which illustrated the often lacking connection between policies and measures within organizations, we decided to have a World Cafe to discuss a number of topics surrounding this. The last blog post in the series tackled the question of how to communicate about information security. In this blog post, I will present the outcome of a debate on what really works to build information security awareness. Feel free to share your thoughts in the comment section below.




Information Security: 7 Communication Tips to Involve Your Business

posted by Remco Blom on May 22, 2015

Earlier this month, I wrote the first blog post in a series based on a World Cafe discussion we had around the lacking relations between policies and measures in many organizations. The discussion took place in the form of 4 debate rounds. In the previous blog post, I presented Information Security as a necessity of life. There is no doubt that Information Security is a very important topic for most organizations, but during the debate, many participants were uncertain as to whether, and how, to communicate to the rest of the company about it. In this blog post, I will present the conclusions of this discussion.