A Model-driven Regulatory Compliance Framework
نویسندگان
چکیده
Industry uses GRC frameworks for compliance management and tracking. These are document-oriented systems that help human experts maintain traceability between various artefacts in the compliance life-cycle. Documents such as legal text of regulations, compliance process descriptions, audit reports, etc. can be linked using tagging mechanisms. Actual implementation of compliance to regulations happens through organizational processes and IT systems. Therefore, GRC frameworks lacks the necessary end-to-end mechanism for automated compliance checking.
منابع مشابه
Shareholder Wealth Effects of MANAGEMENT Regulatory COMPLIANCE
Purpose: This paper addresses whether and how the Sarbanes-Oxley Act of 2002(SOX) affects shareholder wealth (firm value) by focusing on the trade-off between improved corporate governance leading to a lower cost of capital and increased managerial compliance costs of regulations. Design/Methodology: We use an analytical model of solving the management utility maximization function and the cha...
متن کاملUnderstanding Styles of Corporate Compliance with Environmental Regulation: Towards a Multidimensional Conceptual Framework
This research applies the convergent insights of regulatory compliance and resource-dependence perspective to build a systematic framework of corporate compliance style (CCS thereafter). We use environmental regulation as the context of corporate compliance, and link corporate compliance with the levels of regulatory certainty and organizational nonmarket capabilities. We further develop a two ...
متن کاملToward (Semi-) Automated End-to-End Model-driven Compliance Framework
For modern enterprises, compliance to regulations has become increasingly important. Yet, substantial manual interventions and lack of interoperable models of various compliance aspects contribute to an ineffective implementation and rising costs of compliance. We propose a (semi-) automated end-to-end compliance framework that has the potential to address these challenges. Our contributions ar...
متن کاملFrom Regulatory Policies to Event Monitoring Rules: Towards Model-Driven Compliance Automation
The complexity and costs of conforming to regulatory objectives in large enterprises has drastically heightened the need for consistent and automated approaches to managing compliance. To uniformly describe and manage compliance policies in distributed and heterogeneous IT environments, we have proposed a compliance metamodel for formally capturing regulatory requirements and managing them in a...
متن کاملUsing Model-Driven Views and Trace Links to Relate Requirements and Architecture: A Case Study
Compliance in service-oriented architectures (SOA) means in general complying with laws and regulations applying to a distributed software system. Unfortunately, many laws and regulations are hard to formulate. As a result, several compliance concerns are realized on a per-case basis, leading to ad hoc, handcrafted solutions for each specific law, regulation, and standard that a system must com...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2017