Compliance is the way of demonstrating enterprise capabilities, resources and activities conform in fulfilling control requirements.
The compliance capability is the enterprise capability system which functions to realize metrics and measures, readiness boards, inspections, internal auditing and program and technical reviews.
The purpose of the compliance capability is to enable and assure the ability to control the monitoring, measuring and assessment of the enterprise, business, process, information and IT capabilities and the system and service offerings of the enterprise.
Compliance management is the enterprise capability management of the compliance capability.
The purpose of compliance management is to enable and assure the management and abilities of the compliance capabilities of the enterprise are controlled, balanced and aligned to the mission and needs of the enterprise as a whole.
Compliance Management Responsibilities
The enterprise manager role is responsible for compliance management of the compliance capability.
Compliance management work products include compliance management ideas, requirements, plans, risks, opportunities, reviews, decisions and action items.
The compliance architecture is the enterprise architecture of compliance management of the compliance capability.
The enterprise manager role uses the compliance architecture to support compliance management responsibilities and activities.
The purpose of the compliance architecture is to provide a management structure to enable and assure the compliance capability (the monitoring, measuring and assessment) of the business, process, information, IT, technology systems and services of the enterprise is controlled, balanced and aligned to the mission and needs of the enterprise as a whole.
The structure includes metrics and measures, readiness boards, internal auditing, program review and technical review.
Compliance Architecture Responsibilities
The enterprise architect role is responsible for architecting the compliance architecture in support of the compliance management responsibilities of the enterprise manager role.
Compliance architecture work products include compliance architecture concepts, descriptions, models, views, viewpoints, specifications and analyses.
As shown in Figure 43 – Compliance Team Concept, compliance is interconnected with and interdependent on operations, workflow, data, configurations, records, information utilization, system solution and service solution.
Figure 43 – Compliance Team Concept