Towards a compliance support framework for global software companies

Regulated companies are required to comply with the laws and regulations that apply to their industries. An important aspect of these authoritative rules relates directly to the way software systems used by the regulated companies are built, tested, and maintained. As a result, many regulated companies have turned to their software vendors to request support in their compliance efforts. For most global software vendors, this new situation represents a significant challenge. From the technological standpoint, the complexity and sheer volume of typical authoritative rules pose a serious obstacle to implementing effective compliance support strategies. From the organizational perspective, the delivery of compliance support activities requires efficient business processes, skilled and valued employees, and a strong governance model with commitment at all management levels. To address these issues, we present a compliance support framework that aims to facilitate the linkage between compliance requirements, software development practices, and business process management. We believe that, if implemented properly, this framework can significantly improve the way software companies handle the increasing customer demand for compliance support. It can turn compliance support into a revenue-generating activity, and possibly a competitive advantage.
