ITNG '09 Proceedings of the 2009 Sixth International Conference on Information Technology: New Generations
For most global software companies with a client base that covers a large number of regulated businesses, regulatory compliance represents a significant challenge. The world of compliance has become increasingly complex due to the overwhelming number of regulations, laws, and standards that are introduced every year. These laws may vary significantly in their scope and applicability depending on the industry sector and the geographical area of the end client. In addition, many of these laws are created by different legislative bodies, resulting in overlapping and sometimes conflicting provisions. To further complicate matters, laws are often created based on existing ones, forming a complex set of interdependent rules where changes made in one place can propagate to affect, sometimes in an inconsistent manner, many other laws. There is clearly a need to investigate techniques and tools that can relieve IT solution providers of the complexity of dealing with regulatory compliance. In this paper, we present an approach and a supporting tool that aim to facilitate the analysis of multiple regulations. Our approach is based on the exploration of the citation relationship that links various laws together. The citation relationship is represented by a citation graph that an analyst can use to navigate through the provisions of various interrelated laws to uncover overlaps and possible conflicts, or simply to understand the content of specific law documents. We also present a tool called CompDSS (Compliance Decision Support System) that supports our approach. Finally, we show the effectiveness of the presented approach by applying it to three regulations, namely, SOX, HIPAA, and GLBA.