Security and Compliance
ExcellentManages identity and access management, audit logging, GDPR data privacy controls, encryption key management, and regulatory compliance for the Enterprise Platform.
Domain
Platform Team
2
Business Service
3
Business Capability
1
Domain
4
Component
4
Software System
6
Software Subsystem
5
API Contract
6
API Endpoint
3
Data Concept
4
Data Aggregate
7
Domain Event
1
Infrastructure Node
1
Cloud Service
Domain Context Map
Visualize the relationships between all elements in this domain
Business
Business Service 2 items
| Name | Status | Owns Product | Realizes Business Capability |
|---|---|---|---|
| Compliance Reporting Service | active | Enterprise Platform | Audit and Compliance |
| Identity Management Service | active | Enterprise Platform | Identity and Access Management |
Organization
Business Capability 3 items
| Name | Status | Sourcing | Realizes Component | Realized by Business Capability | Realized by Business Capability |
|---|---|---|---|---|---|
| Audit and Compliance | active | in-house | Audit and Compliance | Compliance Reporting Service | Audit and Compliance |
| Data Privacy | active | in-house | Data Privacy Controls | — | Data Privacy Controls |
| Identity and Access Management | active | hybrid | Identity and Access Management | Identity Management Service | Identity and Access ManagementSecrets and Key Management |
Application
Domain 1 items
| Name | Status | Composes Component | Owns Data Concept | Part of Domain |
|---|---|---|---|---|
| Security and Compliance | active | Identity and Access ManagementAudit and ComplianceData Privacy ControlsSecrets and Key Management | Identity RecordAudit Log EntryCompliance Policy | Audit and ComplianceData Privacy ControlsIdentity and Access ManagementSecrets and Key Management |
Component 4 items
| Name | Status | Sourcing | Composes Domain | Realizes Software System | Serves API Contract | Owns Data Aggregate | Realizes Business Capability | Realized by Component | Part of Component | Realized by Component | Realized by Component | Owned by Component |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Audit and Compliance | active | in-house | Security and Compliance | Audit Trail Service | Audit Query API | Audit Log Aggregate | Audit and Compliance | Audit and Compliance | Security and Compliance | Audit Trail Service | Audit Query API | Audit Log Aggregate |
| Data Privacy Controls | active | in-house | Security and Compliance | Privacy Management System | Privacy Rights API | Data Subject Request Aggregate | Data Privacy | Data Privacy | Security and Compliance | Privacy Management System | Privacy Rights API | Data Subject Request Aggregate |
| Identity and Access Management | active | hybrid | Security and Compliance | IAM Platform | Authentication APIAuthorization API | Identity Record Aggregate | Identity and Access Management | Identity and Access Management | Security and Compliance | IAM Platform | Authentication APIAuthorization API | Identity Record Aggregate |
| Secrets and Key Management | active | vendor | Security and Compliance | Secrets Vault | Secrets Vault API | Encryption Key Aggregate | Identity and Access Management | — | Security and Compliance | Secrets Vault | Secrets Vault API | Encryption Key Aggregate |
Software System 4 items
| Name | Status | Sourcing | Composes Software Subsystem | Realizes Component | Realized by Software System | Part of Software System |
|---|---|---|---|---|---|---|
| Audit Trail Service | active | in-house | Audit Ingest APIAudit Query API | Audit and Compliance | Audit and Compliance | Audit Ingest APIAudit Query API |
| IAM Platform | active | hybrid | IAM APIPolicy Engine | Identity and Access Management | Identity and Access Management | IAM APIPolicy Engine |
| Privacy Management System | active | in-house | Privacy Rights API | Data Privacy Controls | Data Privacy Controls | Privacy Rights API |
| Secrets Vault | active | vendor | Vault API | Secrets and Key Management | Secrets and Key Management | Vault API |
Software Subsystem 6 items
| Name | Status | Composes Software System | Composes API Endpoint | Part of Software Subsystem | Part of Software Subsystem | Owned by Software Subsystem | Served by Software Subsystem |
|---|---|---|---|---|---|---|---|
| Audit Ingest API | active | Audit Trail Service | Audit Event Ingest | Audit Trail Service | Audit Event Ingest | Audit Log Aggregate | Security GKE Cluster |
| Audit Query API | active | Audit Trail Service | Audit Events Query | Audit Trail Service | Audit Events Query | — | Security GKE Cluster |
| IAM API | active | IAM Platform | Auth Token IssueSCIM Users Provision | IAM Platform | Auth Token IssueSCIM Users Provision | Identity Record Aggregate | Security GKE Cluster |
| Policy Engine | active | IAM Platform | — | IAM Platform | — | — | Security GKE Cluster |
| Privacy Rights API | active | Privacy Management System | Privacy Request Submit | Privacy Management System | Privacy Request Submit | Data Subject Request Aggregate | Security GKE Cluster |
| Vault API | active | Secrets Vault | Vault Secrets Read | Secrets Vault | Vault Secrets Read | Encryption Key Aggregate | Security GKE Cluster |
API Contract 5 items
| Name | Status | Realizes Component | Realizes API Endpoint | Served by API Contract |
|---|---|---|---|---|
| Audit Query API | active | Audit and Compliance | Audit Event IngestAudit Events Query | Audit and Compliance |
| Authentication API | active | Identity and Access Management | Auth Token IssueSCIM Users Provision | Identity and Access Management |
| Authorization API | active | Identity and Access Management | — | Identity and Access Management |
| Privacy Rights API | active | Data Privacy Controls | Privacy Request Submit | Data Privacy Controls |
| Secrets Vault API | active | Secrets and Key Management | Vault Secrets Read | Secrets and Key Management |
API Endpoint 6 items
| Name | Status | Composes Software Subsystem | Part of API Endpoint | Realized by API Endpoint | Served by API Endpoint | Served by API Endpoint |
|---|---|---|---|---|---|---|
| Audit Event Ingest | active | Audit Ingest API | Audit Ingest API | Audit Query API | Config Change AppliedConnector ActivatedDeployment CompletedFeature Flag ToggledIncident DeclaredInsight SharedMFA Challenge FailedPayment Method UpdatedPrivacy Request ReceivedRollback TriggeredSync Schedule ChangedUser Access RevokedUser ProvisionedWebhook Registered | Security Policy Updated |
| Audit Events Query | active | Audit Query API | Audit Query API | Audit Query API | — | Compliance Report Generated |
| Auth Token Issue | active | IAM API | IAM API | Authentication API | — | MFA Challenge FailedUser Access Revoked |
| Privacy Request Submit | active | Privacy Rights API | Privacy Rights API | Privacy Rights API | — | Data Erasure CompletedPrivacy Request Received |
| SCIM Users Provision | active | IAM API | IAM API | Authentication API | — | User Provisioned |
| Vault Secrets Read | active | Vault API | Vault API | Secrets Vault API | — | — |
Data Concept 3 items
| Name | Status | Owned by Data Concept | Part of Data Concept |
|---|---|---|---|
| Audit Log Entry | active | Security and Compliance | Audit Log Aggregate |
| Compliance Policy | active | Security and Compliance | Data Subject Request AggregateEncryption Key Aggregate |
| Identity Record | active | Security and Compliance | Identity Record Aggregate |
Data Aggregate 4 items
| Name | Status | Composes Data Concept | Owns Component | Owns Software Subsystem | Owned by Data Aggregate |
|---|---|---|---|---|---|
| Audit Log Aggregate | active | Audit Log Entry | Audit and Compliance | Audit Ingest API | Audit and Compliance |
| Data Subject Request Aggregate | active | Compliance Policy | Data Privacy Controls | Privacy Rights API | Data Privacy Controls |
| Encryption Key Aggregate | active | Compliance Policy | Secrets and Key Management | Vault API | Secrets and Key Management |
| Identity Record Aggregate | active | Identity Record | Identity and Access Management | IAM API | Identity and Access Management |
Domain Event 7 items
| Name | Status | Serves API Endpoint | Serves API Endpoint |
|---|---|---|---|
| Compliance Report Generated | active | Audit Events Query | Notification APIAudit API |
| Data Erasure Completed | active | Privacy Request Submit | Audit APINotification API |
| MFA Challenge Failed | active | Auth Token Issue | Audit Event IngestAccess Control API |
| Privacy Request Received | active | Privacy Request Submit | Audit Event IngestNotification APIWorkflow API |
| Security Policy Updated | active | Audit Event Ingest | Access Control APIAudit API |
| User Access Revoked | active | Auth Token Issue | Access Control APIAudit Event Ingest |
| User Provisioned | active | SCIM Users Provision | Audit Event IngestNotification APIAnalytics Query API |
Technology
Infrastructure Node 1 items
| Name | Status | Served by Infrastructure Node |
|---|---|---|
| Security Node Pool | active | Security GKE Cluster |
Cloud Service 1 items
| Name | Status | Serves Software Subsystem | Serves Infrastructure Node |
|---|---|---|---|
| Security GKE Cluster | active | IAM APIPolicy EngineAudit Ingest APIAudit Query APIPrivacy Rights APIVault API | Security Node Pool |