Organizations are faced with an increased number of security-related challenges. Our research interest is on information security matters with our proposition being that enterprise architecture management (EAM) can support risk management (RM) and information security management (ISM) for instance by providing a plethora of information about an organization's information assets. We conducted a literature review, which underlines our proposition. The pivotal question we aim to answer is how EAM, RM and ISM efforts can be integrated for "the greater good", i.e., to achieve a facilitation of RM and ISM through the adoption of EAM. As a result, we present an integrated conceptual model which places our findings in the context of the well-established concepts defined in ISO-27001, ISO-31000 and ISO-42010.